A Novel Approach for the Early Detection and Identification of Botnets

2011 ◽  
Vol 403-408 ◽  
pp. 4469-4475
Author(s):  
S. Benson Edwin Raj ◽  
V.S. Jayanthi ◽  
R. Shalini

Botnets are growing in size, number and impact. They continue to be one of the top three web threats that mankind has ever known. The botnets are the souped-up cyber engines driving nearly all criminal commerce on the Internet and are seen as relaying millions of pieces of junk e-mail, or spam. Thus, the need of the hour is the early detection and identification of the heart of network packet flooding or the C&C centre. Most of the botmasters perform DDoS attacks on a target server by spoofing the source IP address. The existing botnet detection techniques rely on machine learning algorithms and do not expound the IP spoofing issue. These approaches are also found to be unsuccessful in the meticulous identification of the botmasters. Here we propose an architecture that depends on PSO-based IP traceback. Our architecture also introduces the IP spoofing detector unit so as to ensure that the traceback moves in the right direction. The approach also detects the zombies and utilizes the PSO optimization technique that aids in the identification of the C&C node. The experimental results show that our approach is successful in prompt detection of the bots.

Author(s):  
José María Jorquera Valero ◽  
Manuel Gil Pérez ◽  
Alberto Huertas Celdrán ◽  
Gregorio Martínez Pérez

As the number and sophistication of cyber threats increase year after year, security systems such as antivirus, firewalls, or Intrusion Detection Systems based on misuse detection techniques are improved in detection capabilities. However, these traditional systems are usually limited to detect potential threats, since they are inadequate to spot zero-day attacks or mutations in behaviour. Authors propose using honeypot systems as a further security layer able to provide an intelligence holistic level in detecting unknown threats, or well-known attacks with new behaviour patterns. Since brute-force attacks are increasing in recent years, authors opted for an SSH medium-interaction honeypot to acquire a log set from attackers' interactions. The proposed system is able to acquire behaviour patterns of each attacker and link them with future sessions for early detection. Authors also generate a feature set to feed Machine Learning algorithms with the main goal of identifying and classifying attackers' sessions, and thus be able to learn malicious intentions in executing cyber threats.


2018 ◽  
Vol 7 (1.9) ◽  
pp. 67
Author(s):  
Vahiduddin Shariff ◽  
Ruth Ramya K ◽  
B Renuka Devi ◽  
Debnath Bhattacharyya ◽  
Tai-hoon Kim

Security is one of the main points of focus in recent trends of computer science, as it has to determine the right people accessing the system and the ones who are trying to bypass it. IP spoofing is one of the prevalent attacks, where the attackers launch the attack by spoofing the source address; once this happens they can attack without revealing their exact location. The attacker uses a fraudulent IP address to conceal their identity. To reveal the attackers' real locations many IP traceback mechanisms have been proposed, but the attacker immediately gets away with the information. There is another problem, which is to detect DDoS traffic and the precarious packets set up by the attacker, which are a threat to the victim as well as the whole network; here lies another hurdle, which is to differentiate the attacker's data traffic from the normal data traffic. There are many solutions given for this, but one among them is IP traceback, which has already been researched in the past and implemented then, but something is lacking in the solution such that the attacks are even now taking place. IP traceback, if modified and strengthened, would analyze the traffic faster and trace out the attacker at a faster pace, which is why a hybrid IP tracing and tracking mechanism, if introduced, could ease the current problem.


Sensors ◽  
2021 ◽  
Vol 21 (2) ◽  
pp. 656
Author(s):  
Xavier Larriva-Novo ◽  
Víctor A. Villagrá ◽  
Mario Vega-Barbas ◽  
Diego Rivera ◽  
Mario Sanz Rodrigo

Security in IoT networks is currently mandatory, due to the high amount of data that has to be handled. These systems are vulnerable to several cybersecurity attacks, which are increasing in number and sophistication. Due to this reason, new intrusion detection techniques have to be developed, being as accurate as possible for these scenarios. Intrusion detection systems based on machine learning algorithms have already shown a high performance in terms of accuracy. This research proposes the study and evaluation of several preprocessing techniques based on traffic categorization for a machine learning neural network algorithm. This research uses for its evaluation two benchmark datasets, namely UGR16 and the UNSW-NB15, and one of the most used datasets, KDD99. The preprocessing techniques were evaluated in accordance with scalar and normalization functions. All of these preprocessing models were applied through different sets of characteristics based on a categorization composed by four groups of features: basic connection features, content characteristics, statistical characteristics and finally, a group which is composed by traffic-based features and connection direction-based traffic characteristics. The objective of this research is to evaluate this categorization by using various data preprocessing techniques to obtain the most accurate model. Our proposal shows that, by applying the categorization of network traffic and several preprocessing techniques, the accuracy can be enhanced by up to 45%. The preprocessing of a specific group of characteristics allows for greater accuracy, allowing the machine learning algorithm to correctly classify these parameters related to possible attacks.


2021 ◽  
Vol 21 (1) ◽  
Author(s):  
Sima Ranjbari ◽  
Toktam Khatibi ◽  
Ahmad Vosough Dizaji ◽  
Hesamoddin Sajadi ◽  
Mehdi Totonchi ◽  
...  

Abstract

Background: Intrauterine Insemination (IUI) outcome prediction is a challenging issue which the assisted reproductive technology (ART) practitioners are dealing with. Predicting the success or failure of IUI based on the couples' features can assist the physicians to make the appropriate decision for suggesting IUI to the couples or not and/or continuing the treatment or not for them. Many previous studies have been focused on predicting the in vitro fertilization (IVF) and intracytoplasmic sperm injection (ICSI) outcome using machine learning algorithms. But, to the best of our knowledge, a few studies have been focused on predicting the outcome of IUI. The main aim of this study is to propose an automatic classification and feature scoring method to predict intrauterine insemination (IUI) outcome and ranking the most significant features.

Methods: For this purpose, a novel approach combining complex network-based feature engineering and stacked ensemble (CNFE-SE) is proposed. Three complex networks are extracted considering the patients' data similarities. The feature engineering step is performed on the complex networks. The original feature set and/or the features engineered are fed to the proposed stacked ensemble to classify and predict IUI outcome for couples per IUI treatment cycle. Our study is a retrospective study of a 5-year couples' data undergoing IUI. Data is collected from Reproductive Biomedicine Research Center, Royan Institute describing 11,255 IUI treatment cycles for 8,360 couples. Our dataset includes the couples' demographic characteristics, historical data about the patients' diseases, the clinical diagnosis, the treatment plans and the prescribed drugs during the cycles, semen quality, laboratory tests and the clinical pregnancy outcome.

Results: Experimental results show that the proposed method outperforms the compared methods with Area under receiver operating characteristics curve (AUC) of 0.84 ± 0.01, sensitivity of 0.79 ± 0.01, specificity of 0.91 ± 0.01, and accuracy of 0.85 ± 0.01 for the prediction of IUI outcome.

Conclusions: The most important predictors for predicting IUI outcome are semen parameters (sperm motility and concentration) as well as female body mass index (BMI).


Sensors ◽  
2021 ◽  
Vol 21 (9) ◽  
pp. 3052
Author(s):  
Mas Ira Syafila Mohd Hilmi Tan ◽  
Mohd Faizal Jamlos ◽  
Ahmad Fairuz Omar ◽  
Fatimah Dzaharudin ◽  
Suramate Chalermwisutkul ◽  
...  

Ganoderma boninense (G. boninense) infection reduces the productivity of oil palms and causes a serious threat to the palm oil industry. This catastrophic disease ultimately destroys the basal tissues of oil palm, causing the eventual death of the palm. Early detection of G. boninense is vital since there is no effective treatment to stop the continuing spread of the disease. This review describes past and future prospects of integrated research of near-infrared spectroscopy (NIRS), machine learning classification for predictive analytics and signal processing towards an early G. boninense detection system. This effort could reduce the cost of plantation management and avoid production losses. Remarkably, (i) spectroscopy techniques are more reliable than other detection techniques such as serological, molecular, biomarker-based sensor and imaging techniques in reactions with organic tissues, (ii) the NIR spectrum is more precise and sensitive to particular diseases, including G. boninense, compared to visible light and (iii) hand-held NIRS for in situ measurement is used to explore the efficacy of an early detection system in real time using ML classifier algorithms and a predictive analytics model. The non-destructive, environmentally friendly (no chemicals involved), mobile and sensitive leads the NIRS with ML and predictive analytics as a significant platform towards early detection of G. boninense in the future.


2021 ◽  
Vol 13 (3) ◽  
pp. 63
Author(s):  
Maghsoud Morshedi ◽  
Josef Noll

Video conferencing services based on web real-time communication (WebRTC) protocol are growing in popularity among Internet users as multi-platform solutions enabling interactive communication from anywhere, especially during this pandemic era. Meanwhile, Internet service providers (ISPs) have deployed fiber links and customer premises equipment that operate according to recent 802.11ac/ax standards and promise users the ability to establish uninterrupted video conferencing calls with ultra-high-definition video and audio quality. However, the best-effort nature of 802.11 networks and the high variability of wireless medium conditions hinder users experiencing uninterrupted high-quality video conferencing. This paper presents a novel approach to estimate the perceived quality of service (PQoS) of video conferencing using only 802.11-specific network performance parameters collected from Wi-Fi access points (APs) on customer premises. This study produced datasets comprising 802.11-specific network performance parameters collected from off-the-shelf Wi-Fi APs operating at 802.11g/n/ac/ax standards on both 2.4 and 5 GHz frequency bands to train machine learning algorithms. In this way, we achieved classification accuracies of 92–98% in estimating the level of PQoS of video conferencing services on various Wi-Fi networks. To efficiently troubleshoot wireless issues, we further analyzed the machine learning model to correlate features in the model with the root cause of quality degradation. Thus, ISPs can utilize the approach presented in this study to provide predictable and measurable wireless quality by implementing a non-intrusive quality monitoring approach in the form of edge computing that preserves customers’ privacy while reducing the operational costs of monitoring and data analytics.

